Dan Carr, head of cyber at Ariel Re, tells GR at RVS 2025 that the cyber market must adapt its structures and products to achieve sustainable global growth, with systemic exposures reshaping the risk landscape.

The cyber reinsurance market has reached an inflection point, according to Dan Carr, head of cyber at Ariel Re.

Dan Carr Ariel Re

Speaking to GR at the Monte Carlo Rendez-Vous, Carr said recent years of sharp rate movements had been replaced by a more nuanced debate about sustainable growth.

“There’s a fascination with what the rates are, whether they’re adequate or not,” he explained. “But the reality is to get to another phase of growth, the question is: how does the market grow?”

Carr said the era of simply exporting a US-centric cyber product to other regions was over.

“You can’t just take the old US cyber policy and run it out everywhere,” he said. “Different regions have different regulatory frameworks and different engagement with insurance purchasing. A more ground-up approach is needed.”

Regional differences

The US market has historically dominated, accounting for about two-thirds of global cyber premiums. Growth was driven by liability concerns and data privacy rules, with insurable damages giving buyers clear incentive to purchase cover.

“In the UK, damages aren’t insurable in law,” Carr noted. “So really all you’re getting is a legal expense policy and first-party services. That makes it more about service elements and business interruption.”

He said that while opportunities exist across Europe, Asia and the Middle East, expectations should be tempered by local realities.

“It’s simplistic to say: they’ve got computers, they’ve got cyber risk, so we can sell them a cyber policy,” he added. “The question is whether they are in a place to buy it, whether there’s disposable capital, and what the actual driver is for purchase.”

Carr pointed to emerging data privacy regulations outside the US, but cautioned that it often takes years—and a few regulatory fines—before buyers respond with insurance demand.

Systemic risk

On the capital side, Carr said the market has moved away from over-reliance on quota share treaties, with more cedants retaining risk and showing interest in excess-of-loss and aggregate structures. “For us, it’s about doing sustainable deals, not silly ones,” he said. “The market needs more tools to think about how they structure their insurance programmes.”

Cyber catastrophe bonds have also generated recent attention. Carr described them as useful in establishing alternative capital but warned that scale remains a challenge.

“It’s a very capital-inefficient way of obtaining cover unless you have a billion-dollar book,” he said. “Most buyers only need smaller, targeted limits, which are more efficiently obtained in the traditional reinsurance market.”

Looking ahead, Carr emphasised that the industry’s preoccupation with the possibility of a single, catastrophic cyber event risks overlooking the more likely outcome of systemic multi-loss events.

“Risk no longer looks like a single company’s infrastructure going down,” he said. “It’s 50 companies all using one supplier. You’re going to see more frequent, localised, multi-insured events. That’s what the market needs to prepare for.”

He added: “Everyone is focused on the big-ticket scenarios, but the reality is more systemic, smaller-scale events. The market isn’t yet structured from a pricing and data perspective to fully reflect that, but it has to get there.”